US-Russian dictionary defines cyber war, other concepts
Working group's taxonomy seen as a step toward international agreements
It is all very well to talk about cyberspace and cybersecurity, but what do they mean, exactly?
A U.S.-Russian effort is proposing common definitions. The EastWest Institute and the Information Security Institute of Moscow State University have released a report with definitions for 20 key cybersecurity concepts, the beginning of what the groups hope will be a comprehensive international cyber taxonomy.
According to the taxonomy, released April 27, cyberspace is “an electronic medium through which information is created, transmitted, received, stored, processed and deleted.” Cybersecurity is “a property of cyberspace that is an ability to resist intentional and unintentional threats and respond and recover.”
At the other end of the spectrum, cyber war is “an escalated state of cyber conflict between or among states in which cyberattacks are carried out by state actors against cyber infrastructure as part of a military campaign,” either declared or undeclared.
Cyber Command still struggling to define cyber war
“It may seem like a small step, but Russians and Americans have never before sat down and really agreed on the terms that are the prerequisite for rules of the road for cyber conflict,” EWI Chief Technology Officer Karl Rauscher said in a prepared statement. Rauscher led the process with Valery Yaschenko, director of the Information Security Institute at Moscow State University. “Defining terms together is the first step for creating international cybersecurity agreements.”
Rauscher told GCN that international policy on cyberspace is long overdue.
“In order to have agreements on standards, policy and regulation, you need to have a common understanding and terminology,” he said. “The fact that two cyber superpowers agree on these is significant. These are terms that are intended to be used for policy discussion.”
The initial issue of the report, "Critical Terminology Foundations," was presented at an international forum in Germany on government and private-sector cooperation in information security and combating terrorism.
Rauscher said a number of countries represented at the forum expressed interest in contributing to a second issue of the report, which will be presented and further refined at the EWI’s second Worldwide Cybersecurity Summit to be held in London in June. Third and fourth versions would be issued later in the year representing consensus definitions.
The ultimate goal is international adoption and expansion of the taxonomy.
Improved international cooperation was one of the near-term goals identified in the president’s Cyberspace Policy Review, released in 2009. The EWI-ISI effort is intended to help enable this by removing some communication roadblocks.
A number of national programs to standardize cybersecurity terminology already exist, such as the Common Vulnerability and Exposure and the Common Configuration Enumeration databases, which are maintained by Mitre Corp. The critical terminology report is a higher-level exercise intended to build confidence and understanding among international parties.
One of the greatest hurdles to overcome in the discussions was a fundamental disagreement on the starting point for the discussion.
“The Russian view of information security emphasizes the holistic span of information, where cyber is one component along with others,” the report states. “The Russians see a logical assumption that a discussion should encompass all information, and not just a subset (i.e. cyber).”
The American view, on the other hand, focused more on addressing data in the emerging cyber realm of electronic infrastructures. “Americans do not see information protection as something that should include censorship, or any attempt to control the population’s awareness,” the report states.
The definitions are concise and are put into three categories:
- Cyber infrastructure.
- Cyber services.
- Critical cyberspace.
- Critical cyber infrastructure.
- Critical cyber services.
The Modes of Aggravation:
- Cyber crime.
- Cyber terrorism.
- Cyber conflict.
- Cyber war.
- Cyber warfare.
- Cyber counter-attack.
- Cyber defensive countermeasure.
- Cyber defense.
- Cyber defensive capability.
- Cyber offensive capability.
- Cyber exploitation.
- Cyber deterrent.